Bullish
Exchange Operations Specialist
New York2 days ago
is an institutionally focused global digital asset platform that provides market infrastructure and information services.
These include: Bullish Exchange – a regulated and institutionally focused digital assets spot and derivatives exchange, integrating a high-performance central limit order book matching engine with automated market making to provide deep and predictable liquidity.
Bullish Exchange is regulated in Germany, Hong Kong, and Gibraltar.
CoinDesk Indices – a collection of tradable proprietary and single-asset benchmarks and indices that track the performance of digital assets for global institutions in the digital assets and traditional finance industries.
CoinDesk Data - a broad suite of digital assets market data and analytics, providing real-time insights into prices, trends, and market dynamics.
CoinDesk Insights – a digital asset media and events provider and operator of Coindesk.com , a digital media platform that covers news and insights about digital assets, the underlying markets, policy, and blockchain technology.
Reports to: Head of Digital Asset Security
At Bullish, we don’t just move digital assets; we protect them.
As a Specialist, Digital Asset Security, you are a "Guardian of the Vault." You will master institutional-grade crypto security—from managing Hardware Security Modules (HSMs) to executing high-stakes key ceremonies.
This role bridges deep-tech engineering with the operational rigor of a world-class exchange.
Core
Custody Operations (24/7): Ensure the resilience of the Bullish Custody platform.
As part of a global team, you will maintain cryptographic systems to meet the demands of a live exchange.
Note: This role may require shift work to support 24/7 global operations. 3rd Party Custody Support: Serve as a technical contact for partners (e.g., BitGo, Fireblocks, Fordefi), managing integrations and monitoring provider health.
Security Automation: Use Python and Bash to automate security checks, parse logs, and eliminate human error in operational workflows.
AI-Augmented Operations: Leverage AI/LLMs to deconstruct system alerts, optimise scripts, and increase operational bandwidth.
Key Ceremonies & Playbooks: Participate in scripted private key management (key ceremonies) and maintain audit-ready documentation (ISO 27001, SOC 2).
Cross-Functional Collaboration: Partner with global Dev and DevOps teams to integrate security into every stage of the product lifecycle.
Required Competencies Experience: 1–2 years in Cybersecurity, Software Engineering, or technical finance with a "security-first" mindset.
Technical Toolbox: Proficiency in Python, Bash , Linux, and macOS.
You should be comfortable troubleshooting via the command line.
The "Zero-Mistake" Mindset: Exceptional attention to detail; you understand that following protocol is non-negotiable.
Crypto Foundations: Solid understanding of blockchain, PKI, and wallet architectures (MPC, Multi-sig).
Technical Curiosity: A drive to understand the "why" behind the "how" —from PC building to open-source experimentation.
Communication: Fluent English; ability to collaborate effectively across global time zones.
Desirable Skills Hardware: Experience with HSMs, YubiKeys, or TPMs.
Platforms: Familiarity with GCP , Terraform, Docker, or Datadog.
Vendors: Prior use of Fireblocks, BitGo, or Fordefi APIs.
Modern Workflow: Proficiency with AI-assisted engineering (e.g., GitHub Copilot, Gemini).
Bullish is proud to be an equal opportunity employer.
We are fast evolving and striving towards being a globally-diverse community.
With integrity at our core, our success is driven by a talented team of individuals and the different perspectives they are encouraged to bring to work every day.